File Upload vulnerability in Zimbra ZCS 8.8.15 allows an authenticated privileged user to execute arbitrary code and obtain sensitive information via the ClientUploader function.
{
"unresolved_ranges": [
{
"source": "CPE_FIELD",
"cpe": "cpe:2.3:a:zimbra:collaboration:8.8.15:p10:*:*:*:*:*:*",
"extracted_events": [
{
"last_affected": "8.8.15-p10"
}
]
},
{
"source": "CPE_FIELD",
"cpe": "cpe:2.3:a:zimbra:collaboration:8.8.15:p12:*:*:*:*:*:*",
"extracted_events": [
{
"last_affected": "8.8.15-p12"
}
]
},
{
"source": "CPE_FIELD",
"cpe": "cpe:2.3:a:zimbra:collaboration:8.8.15:p13:*:*:*:*:*:*",
"extracted_events": [
{
"last_affected": "8.8.15-p13"
}
]
},
{
"source": "CPE_FIELD",
"cpe": "cpe:2.3:a:zimbra:collaboration:8.8.15:p14:*:*:*:*:*:*",
"extracted_events": [
{
"last_affected": "8.8.15-p14"
}
]
},
{
"source": "CPE_FIELD",
"cpe": "cpe:2.3:a:zimbra:collaboration:8.8.15:p15:*:*:*:*:*:*",
"extracted_events": [
{
"last_affected": "8.8.15-p15"
}
]
},
{
"source": "CPE_FIELD",
"cpe": "cpe:2.3:a:zimbra:collaboration:8.8.15:p16:*:*:*:*:*:*",
"extracted_events": [
{
"last_affected": "8.8.15-p16"
}
]
},
{
"source": "CPE_FIELD",
"cpe": "cpe:2.3:a:zimbra:collaboration:8.8.15:p17:*:*:*:*:*:*",
"extracted_events": [
{
"last_affected": "8.8.15-p17"
}
]
},
{
"source": "CPE_FIELD",
"cpe": "cpe:2.3:a:zimbra:collaboration:8.8.15:p18:*:*:*:*:*:*",
"extracted_events": [
{
"last_affected": "8.8.15-p18"
}
]
},
{
"source": "CPE_FIELD",
"cpe": "cpe:2.3:a:zimbra:collaboration:8.8.15:p19:*:*:*:*:*:*",
"extracted_events": [
{
"last_affected": "8.8.15-p19"
}
]
},
{
"source": "CPE_FIELD",
"cpe": "cpe:2.3:a:zimbra:collaboration:8.8.15:p21:*:*:*:*:*:*",
"extracted_events": [
{
"last_affected": "8.8.15-p21"
}
]
},
{
"source": "CPE_FIELD",
"cpe": "cpe:2.3:a:zimbra:collaboration:8.8.15:p22:*:*:*:*:*:*",
"extracted_events": [
{
"last_affected": "8.8.15-p22"
}
]
},
{
"source": "CPE_FIELD",
"cpe": "cpe:2.3:a:zimbra:collaboration:8.8.15:p23:*:*:*:*:*:*",
"extracted_events": [
{
"last_affected": "8.8.15-p23"
}
]
},
{
"source": "CPE_FIELD",
"cpe": "cpe:2.3:a:zimbra:collaboration:8.8.15:p24:*:*:*:*:*:*",
"extracted_events": [
{
"last_affected": "8.8.15-p24"
}
]
},
{
"source": "CPE_FIELD",
"cpe": "cpe:2.3:a:zimbra:collaboration:8.8.15:p25:*:*:*:*:*:*",
"extracted_events": [
{
"last_affected": "8.8.15-p25"
}
]
},
{
"source": "CPE_FIELD",
"cpe": "cpe:2.3:a:zimbra:collaboration:8.8.15:p27:*:*:*:*:*:*",
"extracted_events": [
{
"last_affected": "8.8.15-p27"
}
]
},
{
"source": "CPE_FIELD",
"cpe": "cpe:2.3:a:zimbra:collaboration:8.8.15:p28:*:*:*:*:*:*",
"extracted_events": [
{
"last_affected": "8.8.15-p28"
}
]
},
{
"source": "CPE_FIELD",
"cpe": "cpe:2.3:a:zimbra:collaboration:8.8.15:p29:*:*:*:*:*:*",
"extracted_events": [
{
"last_affected": "8.8.15-p29"
}
]
},
{
"source": "CPE_FIELD",
"cpe": "cpe:2.3:a:zimbra:collaboration:8.8.15:p2:*:*:*:*:*:*",
"extracted_events": [
{
"last_affected": "8.8.15-p2"
}
]
},
{
"source": "CPE_FIELD",
"cpe": "cpe:2.3:a:zimbra:collaboration:8.8.15:p37:*:*:*:*:*:*",
"extracted_events": [
{
"last_affected": "8.8.15-p37"
}
]
},
{
"source": "CPE_FIELD",
"cpe": "cpe:2.3:a:zimbra:collaboration:8.8.15:p4:*:*:*:*:*:*",
"extracted_events": [
{
"last_affected": "8.8.15-p4"
}
]
},
{
"source": "CPE_FIELD",
"cpe": "cpe:2.3:a:zimbra:collaboration:8.8.15:p6:*:*:*:*:*:*",
"extracted_events": [
{
"last_affected": "8.8.15-p6"
}
]
},
{
"source": "CPE_FIELD",
"cpe": "cpe:2.3:a:zimbra:collaboration:8.8.15:p7:*:*:*:*:*:*",
"extracted_events": [
{
"last_affected": "8.8.15-p7"
}
]
},
{
"source": "CPE_FIELD",
"cpe": "cpe:2.3:a:zimbra:collaboration:8.8.15:p8:*:*:*:*:*:*",
"extracted_events": [
{
"last_affected": "8.8.15-p8"
}
]
},
{
"source": "CPE_FIELD",
"cpe": "cpe:2.3:a:zimbra:collaboration:8.8.15:p9:*:*:*:*:*:*",
"extracted_events": [
{
"last_affected": "8.8.15-p9"
}
]
}
]
}{
"source": "CPE_FIELD",
"cpe": [
"cpe:2.3:a:zimbra:collaboration:8.8.15:-:*:*:*:*:*:*",
"cpe:2.3:a:zimbra:collaboration:8.8.15:p1:*:*:*:*:*:*",
"cpe:2.3:a:zimbra:collaboration:8.8.15:p11:*:*:*:*:*:*",
"cpe:2.3:a:zimbra:collaboration:8.8.15:p20:*:*:*:*:*:*",
"cpe:2.3:a:zimbra:collaboration:8.8.15:p26:*:*:*:*:*:*",
"cpe:2.3:a:zimbra:collaboration:8.8.15:p3:*:*:*:*:*:*",
"cpe:2.3:a:zimbra:collaboration:8.8.15:p30:*:*:*:*:*:*",
"cpe:2.3:a:zimbra:collaboration:8.8.15:p31:*:*:*:*:*:*",
"cpe:2.3:a:zimbra:collaboration:8.8.15:p32:*:*:*:*:*:*",
"cpe:2.3:a:zimbra:collaboration:8.8.15:p33:*:*:*:*:*:*",
"cpe:2.3:a:zimbra:collaboration:8.8.15:p34:*:*:*:*:*:*",
"cpe:2.3:a:zimbra:collaboration:8.8.15:p35:*:*:*:*:*:*",
"cpe:2.3:a:zimbra:collaboration:8.8.15:p5:*:*:*:*:*:*"
],
"extracted_events": [
{
"introduced": "0"
},
{
"last_affected": "8.8.15-NA"
},
{
"last_affected": "8.8.15-p1"
},
{
"last_affected": "8.8.15-p11"
},
{
"last_affected": "8.8.15-p20"
},
{
"last_affected": "8.8.15-p26"
},
{
"last_affected": "8.8.15-p3"
},
{
"last_affected": "8.8.15-p30"
},
{
"last_affected": "8.8.15-p31"
},
{
"last_affected": "8.8.15-p32"
},
{
"last_affected": "8.8.15-p33"
},
{
"last_affected": "8.8.15-p34"
},
{
"last_affected": "8.8.15-p35"
},
{
"last_affected": "8.8.15-p5"
}
]
}